Embedded Files
π΅οΈββοΈ Wireshark β Network Protocol Analyzer
Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software development, communications protocol development, and cybersecurity investigation.
________________________________________
π What is Wireshark?
Wireshark captures network packets in real time and displays them in a human-readable format. It helps users analyze what's happening on their networks at a deep level.
________________________________________
π§ Key Features
Feature Description
Packet Capture Capture live data from Ethernet, Wi-Fi, Bluetooth, etc.
Deep Inspection View details of protocols at every layer (TCP/IP, HTTP, DNS...)
Filter and Search Apply filters to find specific traffic
Color Coding Highlights different types of packets for quick analysis
Export/Save Data Save captures for later analysis
Cross-Platform Available for Windows, macOS, Linux
________________________________________
π οΈ How to Install Wireshark
πͺ Windows / π macOS:
β’ Download from: https://www.wireshark.org/download.html
π§ Linux:
sudo apt install wireshark
________________________________________
πΈ Basic Workflow
1. Open Wireshark
2. Select a Network Interface (like Wi-Fi or Ethernet)
3. Click "Start" to Capture Packets
4. Apply Filters (e.g., http, ip.addr == 192.168.1.1)
5. Analyze Packet Data
6. Save the Capture File (.pcap or .pcapng)
________________________________________
π― Common Filters
Filter Description
http Show only HTTP traffic
ip.addr == 192.168.1.1 Traffic to/from a specific IP
tcp.port == 80 TCP traffic on port 80
dns DNS query/response packets
ssl / tls Secure connection traffic
tcp contains "password" Search for keywords in TCP
________________________________________
π Ethical Usage
π Important: Always use Wireshark on networks you own or have permission to monitor.
________________________________________
πΌ Real-World Use Cases
β’ π‘ Diagnose slow network
β’ π Detect malware communication
β’ π¬ Analyze VoIP (voice over IP) traffic
β’ π οΈ Debug network applications
β’ π Monitor and audit network usage
β’ π‘οΈ Cybersecurity investigation (e.g. sniffing credentials)
________________________________________
π§βπ« How to Teach Wireshark in Class
1. What is Wireshark and why itβs used
2. How to install it on Windows/Linux
3. Capturing packets from a network interface
4. Using filters to find relevant traffic
5. Analyzing a basic HTTP or DNS request
6. Highlighting risks of unencrypted traffic
7. Demonstrate detecting credentials over HTTP
8. Save and share .pcap files for offline analysis
________________________________________
π Example Activity
Activity: Capture and analyze web traffic
1. Open Wireshark and start capturing.
2. Visit a few websites in a browser.
3. Use filters like http or dns.
4. Identify hostnames, IPs, and protocols.
5. Discuss what data is exposed in plaintext (if HTTP is used).
________________________________________
π Resources
β’ π Official Wireshark Website
β’ π₯ YouTube: Wireshark Tutorials for Beginners
β’ π Book: Wireshark 101 by Laura Chappell
Page updated
Google Sites
Report abuse